Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2017-0403)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0403
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0403)
Resumen:	The remote host is missing an update for the 'lucene' package(s) announced via the MGASA-2017-0403 advisory.
Descripción:	Summary: The remote host is missing an update for the 'lucene' package(s) announced via the MGASA-2017-0403 advisory. Vulnerability Insight: It was found that the CoreParser class in Lucene accepts doctype declaration and expands external entities. An attacker could use this flaw to bypass security restrictions and access sensitive data (CVE-2017-12629). Affected Software/OS: 'lucene' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-12629 BugTraq ID: 101261 http://www.securityfocus.com/bid/101261 Debian Security Information: DSA-4124 (Google Search) https://www.debian.org/security/2018/dsa-4124 https://www.exploit-db.com/exploits/43009/ http://openwall.com/lists/oss-security/2017/10/13/1 https://twitter.com/ApacheSolr/status/918731485611401216 https://twitter.com/joshbressers/status/919258716297420802 https://twitter.com/searchtools_avi/status/918904813613543424 https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E https://s.apache.org/FJDl https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E RedHat Security Advisories: RHSA-2017:3123 https://access.redhat.com/errata/RHSA-2017:3123 RedHat Security Advisories: RHSA-2017:3124 https://access.redhat.com/errata/RHSA-2017:3124 RedHat Security Advisories: RHSA-2017:3244 https://access.redhat.com/errata/RHSA-2017:3244 RedHat Security Advisories: RHSA-2017:3451 https://access.redhat.com/errata/RHSA-2017:3451 RedHat Security Advisories: RHSA-2017:3452 https://access.redhat.com/errata/RHSA-2017:3452 RedHat Security Advisories: RHSA-2018:0002 https://access.redhat.com/errata/RHSA-2018:0002 RedHat Security Advisories: RHSA-2018:0003 https://access.redhat.com/errata/RHSA-2018:0003 RedHat Security Advisories: RHSA-2018:0004 https://access.redhat.com/errata/RHSA-2018:0004 RedHat Security Advisories: RHSA-2018:0005 https://access.redhat.com/errata/RHSA-2018:0005 https://usn.ubuntu.com/4259-1/
Copyright	Copyright (C) 2022 Greenbone AG